Third-Party Cookies Without Consent

critical

technical· Art. 13, 14 GDPR

Actions

176

Total Fines

€809.6M

Median Fine

€104K

Countries

What is Third-Party Cookies Without Consent?

Third-party tracking cookies or scripts are loaded without obtaining prior user consent. European data protection authorities have issued 176 enforcement actions for third-party cookies without consent violations, imposing a combined €809,593,709 in penalties. The median fine is €104K, indicating that regulators view this violation as warranting substantial financial deterrence. The largest recorded penalty for this violation type was a €325,000,000 fine against Google LLC in France. The most active enforcers of this violation type are Germany, Italy, France.

Largest Fines for Third-Party Cookies Without Consent

Fine

€325.0M fine in France (2025)

Sept 2025🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

€325.0M

Fine

INFINITE STYLES SERVICES CO. LIMITED (France) - €150.0M

Sept 2025🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

€150.0M

Fine

Google Ireland Ltd (France) - €100.0M

Dec 2020🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

€100.0M

Fine

Microsoft Ireland Operations Limited (France) - €60.0M

Dec 2022🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

€60.0M

Fine

Facebook Ireland Limited (France) - €60.0M

Dec 2021🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

€60.0M

Recent Enforcement

Court Ruling

Criteo (France)

Mar 2026🇫🇷 FranceCommission Nationale de l'Informatique et des Libertés

No fine

Court Ruling

court ruling in Germany (2026)

Mar 2026🇩🇪 Germany

No fine

Fine

€16.9M fine in United Kingdom (2026)

Feb 2026🇬🇧 United KingdomInformation Commissioner's Office

€16.9M

Court Ruling

court ruling in Germany (2026)

Feb 2026🇩🇪 GermanyDPA OLGDresden

No fine

Court Ruling

court ruling in Germany (2026)

Jan 2026🇩🇪 GermanyDPA LGWrzburg

No fine

Enforcement by Country

Country	Actions	Total Fines
🇩🇪 Germany	33	€0
🇮🇹 Italy	29	€39.2M
🇫🇷 France	19	€742.6M
🇪🇸 Spain	15	€129K
🇦🇹 Austria	15	€0
🇧🇪 Belgium	12	€140K
🇳🇱 Netherlands	10	€50K
🇬🇧 United Kingdom	8	€17.4M
🇸🇪 Sweden	8	€7.5M
🇳🇴 Norway	5	€2.2M
🇨🇿 Czech Republic	4	€186K
🇫🇮 Finland	3	€0
🇪🇺 European Union	2	€0
🇭🇷 Croatia	2	€50K
🇵🇱 Poland	2	€0
🇨🇾 Cyprus	2	€6K
🇩🇰 Denmark	2	€0
🇷🇴 Romania	1	€2K
🇱🇺 Luxembourg	1	€0
🇱🇻 Latvia	1	€0
🇮🇪 Ireland	1	€0
🇵🇹 Portugal	1	€107K

Frequently Asked Questions

What is a third-party cookies without consent violation?

A third-party cookies without consent violation occurs when a website's cookie consent implementation fails to meet GDPR or ePrivacy requirements. European DPAs have issued 176 enforcement actions for this violation, with fines totaling €809.6M.

What is the typical fine for third-party cookies without consent?

The median fine for third-party cookies without consent violations is €104K, though amounts vary significantly based on the severity and scale of the violation.

Which countries enforce third-party cookies without consent violations most?

The most active countries in enforcing third-party cookies without consent violations are Germany, Italy, France.

Explore More

All Violation Types

Browse all enforcement categories

Enforcement by Country

Browse enforcement across Europe

GDPR Articles

Explore cited GDPR provisions